FortiGate virtual server webpages loading infinite

Fortinet has introduced a new configuration parameter in FortiOS 7.2.4 and higher. The setting is “http-supported-max-version” that is configurable under “config firewall vip”. Symptoms After an upgrade of the FortiOS to 7.2.4, some websites that are published over a virtual server on the FortiGate are loading infinite. A part of…

Loading

read more

Let’s Encrypt: Unexpected certificate warnings

On Mai 2021, Let’s Encrypt issued a note about the expiration of their DST Root CA X3:https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ Now that this root certificate has expired (2021-09-30), your systems might issue a warning when connecting to sites using Let’s Encrypt certificates. To fix this glitch on a general client, follow the instructions…

Loading

read more

FortiWeb v6.4.0 and Let’s Encrypt

FortiWeb v6.4 starts to support the integration with Let’s Encrypt. This allows you to automatically generate server certificates alleviating the need to upload private certificates. The administration guide gives you some information on how to request those Let’s Encrypt certificates but in our opinion the configuration guidelines are not sufficient….

Loading

read more

Websites are not working anymore

Since June 1st you may notice that some websites (https) are not working anymore when Fortigate or the Palo Alto Networks Firewall is doing decryption or certificate inspection. Typically you are getting one of the following error messages:

Loading

read more